0.1.3 • Published 3 years ago

@janiscommerce/sdk v0.1.3

License
ISC

sdk


An SDK to interact with Janis easily

Installation

npm install @janiscommerce/sdk

API

Auth

This SDK implements the OAuth Authorization Code flow with PKCE, which is the recommended flow for web and native apps.

The following examples show this module's API:

Authorization Request

const { Auth } = require('@janiscommerce/sdk');

const options = {
	client_id: 'YOUR_APP_CLIENT_ID', // Required
	client_secret: 'YOUR_APP_CLIENT_SECRET', // Not required yet
	redirect_uri: 'YOUR_APP_REDIRECT_URI', // Required
	scope: 'scope to authorize', // Recommended
	state: 'optional app state'
};

const authClient = new Auth(options);

const {
	codeVerifier,
	codeChallenge,
	codeChallengeMethod
} = await authClient.generatePKCEChallenge();

// Store the verifier safely; it is needed later to fetch the tokens
storeSafely(codeVerifier);

const authorizeUrl = authClient.getAuthorizeUrl({
	code_challenge: codeChallenge,
	code_challenge_method: codeChallengeMethod
});

window.location.href = authorizeUrl;

Tokens Fetching and Refreshing

const { Auth } = require('@janiscommerce/sdk');

const options = {
	client_id: 'YOUR_APP_CLIENT_ID', // Required
	client_secret: 'YOUR_APP_CLIENT_SECRET', // Required for fetching and refreshing tokens
	redirect_uri: 'YOUR_APP_REDIRECT_URI' // Required
};

const authClient = new Auth(options);

// Retrieve the verifier from your storage
const codeVerifier = fetchCodeVerifierFromSafeStorage();

// URLSearchParams also URL-decodes the value, which a raw regex match does not
const authorizationCode = new URLSearchParams(window.location.search).get('code');

const {
	tokenType,
	expiresIn,
	scope,
	accessToken,
	idToken, // This is only returned if openid scope is authorized
	refreshToken // This is only returned if offline_access scope is authorized
} = await authClient.getTokens({
	code: authorizationCode,
	codeVerifier: codeVerifier
});

const userData = await authClient.decodeIdToken(idToken);

console.log(`Hello ${userData.name}!`);

// The refreshTokens() response has the same structure as the getTokens() response
const newTokens = await authClient.refreshTokens(refreshToken);
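
The two snippets above rely on a PKCE verifier/challenge pair and on the redirect back to the app. The following is an added example, not code from the SDK or its README: it shows how a verifier maps to a challenge under the S256 method of RFC 7636, the comparison an authorization server makes when the code is exchanged, and a callback parser that rejects an error response or a state mismatch before the code is used. All function names are hypothetical, Node's crypto module stands in for the browser, and S256 is assumed because the page does not say which method generatePKCEChallenge() returns.

```javascript
const crypto = require('crypto');

// base64url without padding, as RFC 7636 requires
const b64url = buf => buf.toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');

// Constant-time string comparison
const safeEqual = (a, b) => {
	const x = Buffer.from(String(a));
	const y = Buffer.from(String(b));
	return x.length === y.length && crypto.timingSafeEqual(x, y);
};

// Client: derive the S256 challenge from a random (or supplied) verifier
function createPkcePair(codeVerifier = b64url(crypto.randomBytes(32))) {
	if(!/^[A-Za-z0-9._~-]{43,128}$/.test(codeVerifier))
		throw new Error('code_verifier must be 43-128 unreserved characters');
	const codeChallenge = b64url(crypto.createHash('sha256').update(codeVerifier, 'ascii').digest());
	return { codeVerifier, codeChallenge, codeChallengeMethod: 'S256' };
}

// Authorization server: check made when the code is exchanged for tokens.
// A malformed verifier throws, which is also a rejection.
function verifierMatchesChallenge(codeVerifier, storedChallenge) {
	return safeEqual(createPkcePair(codeVerifier).codeChallenge, storedChallenge);
}

// Client: read the redirect query string, rejecting errors and a state mismatch
function parseCallback(search, expectedState) {
	const params = new URLSearchParams(search);
	if(params.has('error'))
		throw new Error(`authorization error: ${params.get('error')}`);
	if(!expectedState || !safeEqual(params.get('state') || '', expectedState))
		throw new Error('state mismatch');
	const code = params.get('code');
	if(!code)
		throw new Error('authorization code missing');
	return code; // already URL-decoded by URLSearchParams
}
```

For the state check to mean anything, the value passed as state in the authorization request has to be random per request and stored next to the code verifier.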

By default, Auth uses the Janis production endpoints. If you need to test against the QA environment, or want to use a custom authorization server (for example, Google's), you can pass an extra argument to each method:

  • getAuthorizeUrl(appInfo, 'https://accounts.google.com/o/oauth2/v2/auth')
  • getTokens(authorizationData, 'https://oauth2.googleapis.com/token')
  • decodeIdToken(idToken, 'https://www.googleapis.com/oauth2/v3/certs')
  • refreshTokens(refreshTokens, 'https://oauth2.googleapis.com/token')